mirror of
https://github.com/project-zot/zot.git
synced 2024-12-30 22:34:13 -05:00
8553712613
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs Seems like there's an increate in the time zot requires to start before servicing requests. From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values. The logic in .github/workflows/cluster.yaml seems to be old and out of date. Even on main right now there is only 1 our of 3 zots actualy running. The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db' This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
name: "TLS protocol scan"
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
# The branches below must be a subset of the branches above
|
|
branches: [main]
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
tls-check:
|
|
runs-on: ubuntu-latest
|
|
name: TLS check
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
cache: false
|
|
go-version: 1.22.x
|
|
- name: Install dependencies
|
|
run: |
|
|
cd $GITHUB_WORKSPACE
|
|
mkdir -p test/data
|
|
cd test/data
|
|
../scripts/gen_certs.sh
|
|
- name: Check for TLS settings
|
|
run: |
|
|
cd $GITHUB_WORKSPACE
|
|
make binary
|
|
bin/zot-linux-amd64 serve examples/config-tls.json & echo $! > zot.PID
|
|
sleep 5
|
|
# Check if zot server is running
|
|
cat /proc/$(cat zot.PID)/status | grep State || exit 1
|
|
curl -k --connect-timeout 3 --max-time 5 --retry 60 --retry-delay 1 --retry-max-time 180 --retry-connrefused https://localhost:8080/v2/
|
|
|
|
# zot server is running: proceed to testing
|
|
./test/scripts/tls_scan.sh
|